Integrated circuits (IC's) for applications such as smartcards, RFID tags, Pay-TV chips often contain a secret security key and carry out secret functions. The IC needs to be secure against attacks from the outside which aim at retrieving data there from. IC's may be subjected to both front-side as well as back-side attacks. In this description the “front-side” of a semiconductor device is defined as the side of the semiconductor device on which circuitry is provided. This side is also being referred to as the “first side of the substrate” in this description. Likewise, the “back-side” of the semiconductor device is defined as the side opposite to the front-side and this side is also being referred to as the “second side of the substrate” in this description. Back-side attacks may consist of various analysis techniques such as light or photon emission detection, thermal infrared detection, liquid crystal detection, voltage or electric field detection, and electro magnetic detection methods. Often these methods are used in combination with invasive attacks such as wafer thinning, laser cutting and heating, focused ion beam (FIB) techniques. Also light or laser flash methods are used from the back-side in order to force signals to flip. When any one of the above-mentioned techniques is used in combination with mathematical attacks, these attacks can be very powerful.
To counteract the ever-increasing physical and mathematical attacks described above, various kinds of tamper protection schemes have been reported, both for front-side as well as back-side. Tamper protection schemes become stronger when they are combined with cryptography. Recently, so-called Physical unclonable Functions (PUFs) were introduced by Pappu et. al. in “Physical One-Way Functions”, MIT, March 2001. This disclosure presented a PUF as a cost-effective way of generating secure keys for cryptographic purposes. A PUF is a function that is embodied in a physical structure that is easy to evaluate but hard to characterize. The physical structure that contains the PUF consists of at least one random component. This random component is introduced during the manufacturing process and cannot be easily controlled. PUF's are described for use as a hash function and for authentication purposes. Because through PUF's the data is stored essentially in a material rather than in a circuit, the technology can also be used as part of a device that needs authentication, such as a security sensor. Many further developments focus on developing different types of PUF's. The application of PUF's focuses on using PUF's as unique identifiers for smart-cards (fingerprinting) and credit cards or as a ‘cheap’ source for key generation (common randomness) between two parties based on the very useful properties of PUF of the uniqueness of the responses and unclonability of the PUF (see also P. Tuyls et. al., “Information-Theoretic Security Analysis of Physical Unclonable Functions”.
An important aspect of a physical structure for a PUF is that its physical properties are such that an electric property, such as a capacitance or a resistance, can be derived from it which is not (easily) reproducible. This means that the respective electrical property behaves stochastically, i.e. varies within a single semiconductor device (having multiple physical structure), varies within a single batch of semiconductor devices, and varies between multiple batches. The larger the variation of the respective electrical property the more information is contained in the PUF.
A problem with the known PUF's is that the variation of the respective electrical property is limited.